Sign In User / Authenticate User with AWS Cognito

Question

I am trying to sign in a user server side on asp.net Core 2

I have registered a user and confirmed with a verification link but now I am struggling to sign that user into my application. It's a shame the documentation for c# is so poor!

User Pool Config:

App Client: Enable sign-in API for server-based authentication (ADMIN_NO_SRP_AUTH) - checked

Here's the code:

public async Task<bool> SignInUserAsync(CognitoUser user)
    {
        var provider = new AmazonCognitoIdentityProviderClient(new AnonymousAWSCredentials(),
            RegionEndpoint.GetBySystemName("eu-west-2"));

        try
        {
            var authReq = new AdminInitiateAuthRequest
            {
                AuthFlow = AuthFlowType.ADMIN_NO_SRP_AUTH,
                UserPoolId = _poolId,
                ClientId = _clientId
            };
            authReq.AuthParameters.Add("USERNAME", user.Email);
            authReq.AuthParameters.Add("PASSWORD", user.Password);

            AdminInitiateAuthResponse authResp = await provider.AdminInitiateAuthAsync(authReq);

            return true;
        }
        catch
        {
            return false;
        }


    }

The error that returns is Missing Authentication Token but I can't work out where the token needs to be set / has been given to me.

Is it something with my AmazonCognitoIdentityProviderClient settings or perhaps App client settings under the

AWS > User Pools > App Intergration > App Client Settings?

Answer 1

AdminInitiateAuth API is meant to be called from a back end which has access to developers IAM credentials. Since you are trying to call this with AnonymousAWSCredentials, you are getting Missing Authentication Token error.

Cognito User Pools does not yet have native support for C#. You should integrate Cognito User Pools in your C# app using the hosted auth pages instead of native API calls.